Abstract 



An arrangement to accomplish authentication of end-users (1) and end-points (1) in a 
packet based network, which includes components that support all or parts of different 
versions of the H.323 recommended standard, be proposed. Authentication is 
accomplished by means of an authentication proxy (2), which will support security 
profiles supported by one or more associated gatekeepers (3). Provision of end-user (1) 
and end-point information for an authentication proxy (2) may be accomplished by 
means of standard non-proprietary communication and protocol such as http or https 
and a simple html form, an applet or a servlet respectively, and for a gatekeeper (3) by 
means of a RAS message such as gatekeeper request (GRQ). 



• 



Abbreviation / Term 


Description 


Hashing 


Performing hashing means to code a text 
or data according to a specific algorithm. 
The hashed text or data can only de 
decoded by entities that knows the original 
hashing function 


Proxy 


By proxy is meant a function that is not 
taking active part (not an originating or 
terminating signalling or media entity) in 
any communication, the proxy is only 
helping out by doing small enhancements 
or other functions. 


Endpoint 


By endpoint is meant an entity that either 
originates or terminates signalling (H.323) 
and media (RTP/RTCP) 


RTF 


Real Time Protocol as described in RFC 
1889 


RTCP 


Real Time Control Protocol, described in 
RFC 1889 


End-user 


The person that uses the End-point. 


Authentication 


The procedure to check the identity of 
end-users. Unlike a login procedure, which 
is combined with a logout, authentication 
is a one step function 


SSL 


Secure Socket Layer 


RAS 


Registration, Admission and Signalling 


Security profile 


A security profile defines which data 
should be hashed, and according to which 
function the data should be hashed. 


Applet 


An applet is a program that is transferred 
from a server to an end-user terminal (e.g. 
a computer) and executed at the end-user 
terminal. 


Http 


Hyprt Text Transport Protocol 


Firewall 


An entity that is placed between a Local 
network and the outside network. The 
main object for the firewall is to prevent 
certain types of traffic to pass from the 
outside network to the inside. 



